Sophos Home Premium for Mac full review
Sophos Home Premium offers protection for up to 10 devices with one subscription, including your Mac. It's among our top picks in our round-up of the best Mac antivirus options available right now, so is well worth considering. Read on for our full review.
Sophos Home Premium Price
At time of writing, a year’s subscription to Sophos Home Premium is £30/USD$30, after which it'll go up to £50/$60 per year unless you opt for a two year license from the get-go at £60/$60. This is good value for what you get, and lets you protect up to 10 Macs and PCs. You can sign up here.
But the best news is that if you merely want antimalware protection - including realtime protection - then Sophos Home Free is all you need. You get the same cloud-based remote management for up to three Macs or PCs as with the paid-for product. You just don’t get some of the other tools, like ransomware protection.
To our knowledge, Sophos is the only firm offering a free antimalware app for macOS that includes always-on protection. Other free antimalware apps merely let you scan your system on-demand.
The first thing to strike us about Sophos Home Premium upon installation is that, while it places the usual icon at the right of the menu bar, you will never see a program window. The most you’ll see is a pop-out window showing notifications about when scans have completed, and a handful of options for program functions such as starting a scan.
So, how do you configure Sophos Home Premium, or view the results of things like malware scans? This is done via the cloud. Users login at https://my.sophos.com using any web browser and control the app from there.
In fact, this login can be done on any computer, meaning that you can install Sophos Home Premium on a Mac and control its malware protection on pretty much any other computer or device (and see the results of virus scans or alerts etc). This is a useful feature for parents who want to ensure their kids’ computers are always protected.
However, it is possible to start a scan on the Mac itself - just click the menu icon in the pop-up window, and select the option. Here you can also make Sophos Home Premium check for updates.
Malware scan results
As soon as installation has finished a fast malware scan kicks off automatically. This is a terrific idea and, really, all antimalware apps should do it. The scan took around five minutes to complete on our test Mac.
To run a full system scan it’s necessary to click Scan on the dropdown menu (on the computer rather than the web interface), and then check the relevant box alongside the Scan button. Alternatively, you can start the scan from the browser interface, because this appears to always run a full scan.
The scan took a little over six hours to complete, meaning it took the longest for any antimalware app we’ve reviewed. In other words, your Mac will need to be left overnight in most cases - and on a system with terabytes of files even that might not be enough.
Waiting this long if you’re worried your system has a malware infection simply isn’t acceptable, and is something Sophos needs to improve. Even worse, subsequent full scans were equally slow, so it appears Sophos Home Premium doesn’t include the technology to know which files haven’t been changed since the last scan. This is deployed by some other antimalware scanners and means an initial full scan lasting several hours can be reduced massively for subsequent scans.
However, CPU usage throughout the scan was very light indeed throughout, troubling only between 10-30% of four of the eight virtual CPU cores on our i7 2.8GHz Mac.
Next, it was time to unleash the 26 recent Mac malware samples onto our testbed virtualised Mac in an unscientific test to find out how well Sophos Home Premium’s always-on protection works.
The results were good but one malware sample was apparently ignored once it arrived on the testbed - DarthMiner. Even attempting to run this and therefore infect the Mac didn’t seem to awaken Sophos Home Premium, and it wasn’t picked-up in a subsequent on-demand scan either.
Curiously, the VirusTotal database reports that Sophos Home Premium claims to detect this malware. Our best guess is that this blindsiding of Sophos Home Premium for Mac was a peculiarity with our particular sample of this malware - although we note that other malware apps we’ve tested caught it without issue.
For the other malware samples that were detected, some were cleaned automatically, while others caused Sophos Home Premium to pop-up a warning with a button offering to clean-up the malware. Of course, most people will instantly click this, but we’re unsure why Sophos Home Premium didn’t just clean-up or quarantine malware automatically like most of the other malware apps.
Other security features
Other features that come with Sophos Home Premium include CryptoGuard, which aims to protect against ransomware. Unlike other antimalware apps’ ransomware protection, which typically aim to stop unauthorised apps changing files in the user’s personal folders, CryptoGuard constantly monitors the system for the kind of encryption processes used by ransomware.
Once the encryption is halted and the ransomware removed, it then rolls files back - something that means CryptoGuard requires 3GB of disk space all to itself, presumably to archive files in case of disaster.
Potentially Unwanted Application (PUA) protection can help users avoid somewhat legitimate but questionable apps like fake system cleaners or near-useless antivirus apps, while malicious traffic detection watches for apps attempting to connect to known malware command servers.
These are some truly innovative methods of protection that go far beyond the simple detection-and-removal of other antimalware apps.
Sophos Home Premium had a few oddities we spotted in our testing. For example, the menu bar icon would sometimes disappear, making us think the app had crashed. But it hadn’t and the icon would then appear again. We’ve noticed this for several years now. Why can’t Sophos get around to fixing it?
However, ultimately these are minor gripes.